New CISSP for career direction

I just passed the exam (a pat on my shoulder! ) as my career primarily built on application support and maintenance delivery and management, never thought I could make it without relevant experience whatsoever. As there are not many opportunities in Asia yet, where and how to get a job to start this endeavour?

Re: New CISSP for career direction

Hi, there and congratulations on passing the exam!I can't speak about CISSP opportunities in Asia, however CISSP ,as a requirement, or at least a minimum requirement, is in many job descriptions for Information Security Engineer and higher up into management now these days. US DoD has approved CISSP as a baseline certification at IAT level III

Re: New CISSP for career direction

Well based on your own admission (quoted at the bottom of this text), I do not think you will actually be awarded the CISSP because you comment you don't have any relevant experience whatsoever. If you don't have the 5 years of experience, the best you could do is be awarded an Associate designation. I'm pretty sure though if you call yourself a CISSP or put yourself out there as one professionally before actually being awarded the designation, you would be violating the Code of Ethics and would get permanently barred from ever being actually called a CISSP.

I might be wrong in my entire interpretation here, but if I am wrong, then I'm disappointed in the ISC2.

Passing the test is but one step in the journey.

@Ashl wrote:I just passed the exam (a pat on my shoulder! ) as my career primarily built on application support and maintenance delivery and management, never thought I could make it without relevant experience whatsoever.

Re: New CISSP for career direction

I’m well aware. I should labeled myself as Associate. As a new member, I was introduced to this place as trusted community where I can seek guidance or mentorship on how to go abt getting the work experience.

Re: New CISSP for career direction

Hi Ashl,

From your initial post, i understand that you have experience in application support. You may check for application security as it is one such area where you can start looking for jobs. I have met starts ups and found that many of them haven't realised the need for protecting their websites.

If you can build some skills in application security then you can approach startups and offer your assistance if they give you a job or you may offer your services for free so that you get some experience.

Re: New CISSP for career direction

Also remember this: IF the place you are working does not have good security practices, part of your duty as a CISSP is to enlighten them and increase the security posture of where you are. By doing this in the right way, you may be able to create your own career path. I have done this and it has led me to rising to the CISO role, as well as CIO and deputy roles in both CIO and CISO. I looked around for security jobs that were not being done and volunteered to do them, without asking or demanding that I be compensated for doing them. I used the experience I was getting in doing them as my pay. I then had the resume qualities to get those higher paying IT jobs, which I then parlayed into those C-level positions.

A lot of my coworkers had the attitude of "If they are not going to pay me. then I am not going to do it." That attitude kept them from advancing when the new jobs came open. I gained more experience than they did and advanced faster than they did. So look for jobs you can do. Offer to take on new roles as your company allows. Build a home network and practice with free tools that are available online. You are in charge of your career, not your bosses. If you wait for them to train you, then you will advance just as slowly as the rest of your coworkers.

Re: New CISSP for career direction

HI, Have put forward a good linkedln profile and self advertised? Security opportunities are rapidly growing in Asia-Pacific. Have you approached organisations, you would like to work for or researched the type of opportunities you are looking to grow your career and experience with? Passing the CISSP is a good positive step forward, but as previous replies have stated, you need to grow your experience. Do you have any particular interests or have you looked to communicating with local security groups with peer groups?

@Ashl wrote:I just passed the exam (a pat on my shoulder! ) as my career primarily built on application support and maintenance delivery and management, never thought I could make it without relevant experience whatsoever. As there are not many opportunities in Asia yet, where and how to get a job to start this endeavour?

Social Media

All contents of this site constitute the property of (ISC)², Inc. and may not be copied, reproduced or distributed without prior written permission. (ISC)², CISSP, SSCP, CCSP, CAP, CSSLP, HCISPP, CISSP-ISSAP, CISSP-ISSEP, CISSP-ISSMP and CBK are registered certification marks of (ISC)², Inc.